apple_badger

lkrupp said:

Remember, people, this is the former 'Facebook security chief’. Facebook and security are mutually exclusionary terms. It’s like trying to put a square peg into a round hole. It ain’t happening.

Stamos is *highly* respected in the information security community. Speaking as someone who's job title includes the words chief, information, security, and officer, when he says something I almost always find it worth considering and never dismiss it outright based on where he's worked. For what it's worth, by all account his time at Facebook wasn't a harmonious one. 

He's guest hosted the Risky Business security podcast numerous times. If you want to get a sense of the guy, I recommend listening to those episodes. 

It's probably a good idea to read the original release from ZecOps (https://blog.zecops.com/vulnerabilities/youve-got-0-click-mail/) or at least their FAQ for this (https://blog.zecops.com/vulnerabilities/youve-got-0-click-mail/#post-faq). They lay out their case for why they think there's been exploitation and also explain that this is, by itself, not enough to fully take over the phone. 

Speaking as someone who works in IT security, I'm going to make two observations:

Andy.Hardwake said:

Security advisory council headed by a Facebook security officer... Bwahahahahaha  long way to go guys!

Alex Stamos is very well regarded in the ITSec community. He left Facebook because he couldn't get them to take security seriously enough; his association with Zoom (or it's dissolution) is a good indicator about whether or not they're doing the right things as far as privacy and security.  

melgross said:

Because it’s not really true. That is, neither DED’s, or Apple badger. When I go to conferences, I see a mix of Apple laptops, iPads, Windows laptops, and some Surface Pro models. Depending on the conference, the ratios change. But normally, Apple’s products are at least 50%.

Since I'm talking about my own observations, which I reality admit(ted) are anecdotal evidence by definition, I'm not sure how you can say that what I'm saying isn't really true. My observation, when talking about tablet-like things, has been that I see a lot of Surface Pros around where it used to be a sea of only iPads. Depending on the people in the group, mine may be the only iPad in the room, but that's rare. Manager sorts seem to prefer the Surface Pro, while technical folks and students tend to go for the iPad. Again, this is what I have noticed; you can have a completely different experience and we can still both be right  

Overall, when you include notebooks, the number of Apple devices that I see seems to be more than half, but I'm not sure if that's just down to Apple stuff being more noticeable. As the glowing Apple logo fades into history, that bias will become less relevant. 

If we want to venture out of the anecdotal space, I can tell you that over time the number of Apple devices, as a percentage of the total number of devices) on my workplace WiFi network (I work at a small Canadian university) has declined, though absolute numbers have increased. In 2010-ish, the number of Apple devices was well over 2/3s on any given day and these days it tends to be around 40%. I know this because I was challenged by a former CIO on my assertion that Apple devices made up the majority of devices on our WiFi network, so I wrote a script that tracks that  

That decline is not, in my opinion, any indicator of trouble for Apple; it's just a sign that in the mobile space the competition has gotten better. Apple isn't in trouble; the iPad is doing very, very well, but this fixation on pushing the narrative that the Surface Pro is failing seems weird to me. 

Soli said:

I wonder if the T2 or another chips will know that you've replaced the NAND. If not, then you a nefarious outfit could replace NAND with there own containing a rootkit. 

I believe that the SSD is encrypted with keys stored in the secure enclave on the T2 (whether or not you enable FileVault). Replacing the chips would mean that the new chips would contain a filesystem that's unusable by the computer until it's reformatted.